Wordfence Security Blocked IP, Country Blocking and Advanced Blocking
In this section of the guide, we will look at three different sections of the Wordfence Security WordPress Plugin: Blocked IP, Country Blocking and Advanced Blocking. Each of these sections are focused on blocking users from users websites.
Step 1) Login to the WordPress Dashboard.
Step 2) Head to the Dashboard of your website and choose Wordfence on the Left-hand sidebar. The three Blocking options can be seen in the dropdown as shown below… The first one is Blocked IPs, which stands for Internet Protocol address. Every internet-enabled computer, laptop of device is given a numeric IP address, which will show your name, number and location.
Step 3) Click on Blocked IP and you will be taken to a chart where you can see all the blocked and locked out IP addresses that have been flagged up by Wordfence’s security scans. These come to three different sections: 1) IPs that are blocked from accessing the site, 2) IPs that are Locked Out from Login, and 3) IPs who were recently throttled for accessing the site too frequently. You can clear addresses from the chart at any time, and if you wish to Manually Block IPs, there is the option to do this via a button on the right.
Step 4) The next section is Country Blocking. Heading to the page via the Left-hand sidebar, a list of countries can be seen, and have a tick box next to them which can be ticked and blocked using the “Save Changes” button at the bottom of the page. This is used to block countries that are notorious for spamming sites, and if your website is a local business with no need for traffic from certain countries, this is a very useful option.
Step 5) Underneath the list of countries, you will see the Country Blocking Options and Advanced Country Blocking Options. On the previous, you can choose what to do when you block someone. The options are to take them to a standard message created by Wordfence, or redirecting to a URL created by the site owner (similar to a 404 page). You can also choose to block countries even if they are logged in, and block access to the login form too, to disable blocked users completely.
On the Advanced Country Blocking Options, you can choose to bypass the country blocking if a user hits a certain URL of your choice. This will redirect users to another URL, and set a cookie to allow them to access the site. You can also set a URL for logged in users who may try and access your site from a blocked country. This will bypass the country blocking and allow them access.
Step 6) Hit the Advanced Blocking option on the Left-hand sidebar of the Dashboard, and you will be taken to a page where you can block visitors with a particular pattern in their IP address (including the type of web browser they are using). This is great for blocking fake addresses claiming to be Google robots.
You are given three areas to fill on the form, including the range of IP addresses you wish to block, user-agents (browsers), and the reason for blocking them. This is for your own record keeping (i.e. “Block them because this is a spambot from India”) rather than for Wordfence’s specific needs.
The next step of the guide will focus on Enabling Cell Phone Sign-in with Wordfence Security.